10 Security Bugs You Should Be Watching

Pages

US-CERT issued an advisory that some 64-bit operating systems and virtualization software running on Intel CPU hardware are susceptible to a local privilege escalation attack or a guest-to-host virtual machine escape.

The VM escape is considered by some to be the “Holy Grail” for virtualization attackers because accessing the host can enable control of other virtual machines, or even the physical operating environment. But in this case, the effect is severely reduced by the fact that it has to be executed locally, and this particular attack might be underway in order to generate proof-of-concept.